<?xml version="1.0" encoding="iso-8859-1" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content=
    "application/xhtml+xml; charset=iso-8859-1" />
    <title>
      CrackLib-2.9.7
    </title>
    <link rel="stylesheet" type="text/css" href="../stylesheets/lfs.css" />
    <meta name="generator" content="DocBook XSL Stylesheets V1.78.1" />
    <link rel="stylesheet" href="../stylesheets/lfs-print.css" type=
    "text/css" media="print" />
  </head>
  <body class="blfs" id="blfs-2020-04-02">
    <div class="navheader">
      <h4>
        Beyond Linux<sup>�</sup> From Scratch <span class="phrase">(System
        V</span> Edition) - Version 2020-04-02
      </h4>
      <h3>
        Chapter&nbsp;4.&nbsp;Security
      </h3>
      <ul>
        <li class="prev">
          <a accesskey="p" href="make-ca.html" title="make-ca-1.7">Prev</a>
          <p>
            make-ca-1.7
          </p>
        </li>
        <li class="next">
          <a accesskey="n" href="cryptsetup.html" title=
          "cryptsetup-2.3.1">Next</a>
          <p>
            cryptsetup-2.3.1
          </p>
        </li>
        <li class="up">
          <a accesskey="u" href="security.html" title=
          "Chapter&nbsp;4.&nbsp;Security">Up</a>
        </li>
        <li class="home">
          <a accesskey="h" href="../index.html" title=
          "Beyond Linux� From Scratch     (System V Edition) - Version 2020-04-02">
          Home</a>
        </li>
      </ul>
    </div>
    <div class="sect1" lang="en" xml:lang="en">
      <h1 class="sect1">
        <a id="cracklib" name="cracklib"></a>CrackLib-2.9.7
      </h1>
      <div class="package" lang="en" xml:lang="en">
        <h2 class="sect2">
          Introduction to CrackLib
        </h2>
        <p>
          The <span class="application">CrackLib</span> package contains a
          library used to enforce strong passwords by comparing user selected
          passwords to words in chosen word lists.
        </p>
        <p>
          This package is known to build and work properly using an LFS-9.1
          platform.
        </p>
        <h3>
          Package Information
        </h3>
        <div class="itemizedlist">
          <ul class="compact">
            <li class="listitem">
              <p>
                Download (HTTP): <a class="ulink" href=
                "https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-2.9.7.tar.bz2">
                https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-2.9.7.tar.bz2</a>
              </p>
            </li>
            <li class="listitem">
              <p>
                Download MD5 sum: 0d68de25332cee5660850528a385427f
              </p>
            </li>
            <li class="listitem">
              <p>
                Download size: 592 KB
              </p>
            </li>
            <li class="listitem">
              <p>
                Estimated disk space required: 4.2 MB
              </p>
            </li>
            <li class="listitem">
              <p>
                Estimated build time: less than 0.1 SBU
              </p>
            </li>
          </ul>
        </div>
        <h3>
          Additional Downloads
        </h3>
        <div class="itemizedlist">
          <ul class="compact">
            <li class="listitem">
              <p>
                Recommended word list for English-speaking countries (size:
                6.7 MB; md5sum: 94e9963e4786294f7fb0f2efd7618551): <a class=
                "ulink" href=
                "https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-words-2.9.7.bz2">
                https://github.com/cracklib/cracklib/releases/download/v2.9.7/cracklib-words-2.9.7.bz2</a>
              </p>
            </li>
          </ul>
        </div>
        <p>
          There are additional word lists available for download, e.g., from
          <a class="ulink" href=
          "http://www.cotse.com/tools/wordlists.htm">http://www.cotse.com/tools/wordlists.htm</a>.
          <span class="application">CrackLib</span> can utilize as many, or
          as few word lists you choose to install.
        </p>
        <div class="admon important">
          <img alt="[Important]" src="../images/important.png" />
          <h3>
            Important
          </h3>
          <p>
            Users tend to base their passwords on regular words of the spoken
            language, and crackers know that. <span class=
            "application">CrackLib</span> is intended to filter out such bad
            passwords at the source using a dictionary created from word
            lists. To accomplish this, the word list(s) for use with
            <span class="application">CrackLib</span> must be an exhaustive
            list of words and word-based keystroke combinations likely to be
            chosen by users of the system as (guessable) passwords.
          </p>
          <p>
            The default word list recommended above for downloading mostly
            satisfies this role in English-speaking countries. In other
            situations, it may be necessary to download (or even create)
            additional word lists.
          </p>
          <p>
            Note that word lists suitable for spell-checking are not usable
            as <span class="application">CrackLib</span> word lists in
            countries with non-Latin based alphabets, because of <span class=
            "quote">&ldquo;<span class="quote">word-based keystroke
            combinations</span>&rdquo;</span> that make bad passwords.
          </p>
        </div>
        <h3>
          CrackLib Dependencies
        </h3>
        <h4>
          Optional
        </h4>
        <p class="optional">
          <a class="xref" href="../general/python2.html" title=
          "Python-2.7.17">Python-2.7.17</a>
        </p>
        <p class="usernotes">
          User Notes: <a class="ulink" href=
          "http://wiki.linuxfromscratch.org/blfs/wiki/cracklib">http://wiki.linuxfromscratch.org/blfs/wiki/cracklib</a>
        </p>
      </div>
      <div class="installation" lang="en" xml:lang="en">
        <h2 class="sect2">
          Installation of CrackLib
        </h2>
        <p>
          Install <span class="application">CrackLib</span> by running the
          following commands:
        </p>
        <pre class="userinput">
<kbd class="command">sed -i '/skipping/d' util/packer.c &amp;&amp;

./configure --prefix=/usr    \
            --disable-static \
            --with-default-dict=/lib/cracklib/pw_dict &amp;&amp;
make</kbd>
</pre>
        <p>
          Now, as the <code class="systemitem">root</code> user:
        </p>
        <pre class="root">
<kbd class="command">make install                      &amp;&amp;
mv -v /usr/lib/libcrack.so.* /lib &amp;&amp;
ln -sfv ../../lib/$(readlink /usr/lib/libcrack.so) /usr/lib/libcrack.so</kbd>
</pre>
        <p>
          Issue the following commands as the <code class=
          "systemitem">root</code> user to install the recommended word list
          and create the <span class="application">CrackLib</span>
          dictionary. Other word lists (text based, one word per line) can
          also be used by simply installing them into <code class=
          "filename">/usr/share/dict</code> and adding them to the
          <span class="command"><strong>create-cracklib-dict</strong></span>
          command.
        </p>
        <pre class="root">
<kbd class="command">install -v -m644 -D    ../cracklib-words-2.9.7.bz2 \
                         /usr/share/dict/cracklib-words.bz2    &amp;&amp;

bunzip2 -v               /usr/share/dict/cracklib-words.bz2    &amp;&amp;
ln -v -sf cracklib-words /usr/share/dict/words                 &amp;&amp;
echo $(hostname) &gt;&gt;      /usr/share/dict/cracklib-extra-words  &amp;&amp;
install -v -m755 -d      /lib/cracklib                         &amp;&amp;

create-cracklib-dict     /usr/share/dict/cracklib-words \
                         /usr/share/dict/cracklib-extra-words</kbd>
</pre>
        <p>
          If desired, check the proper operation of the library as an
          unprivileged user by issuing the following command:
        </p>
        <pre class="userinput">
<kbd class="command">make test</kbd>
</pre>
        <div class="admon important">
          <img alt="[Important]" src="../images/important.png" />
          <h3>
            Important
          </h3>
          <p>
            If you are installing <span class="application">CrackLib</span>
            after your LFS system has been completed and you have the
            <span class="application">Shadow</span> package installed, you
            must reinstall <a class="xref" href="shadow.html" title=
            "Shadow-4.8.1">Shadow-4.8.1</a> if you wish to provide strong
            password support on your system. If you are now going to install
            the <a class="xref" href="linux-pam.html" title=
            "Linux-PAM-1.3.1">Linux-PAM-1.3.1</a> package, you may disregard
            this note as <span class="application">Shadow</span> will be
            reinstalled after the <span class="application">Linux-PAM</span>
            installation.
          </p>
        </div>
      </div>
      <div class="commands" lang="en" xml:lang="en">
        <h2 class="sect2">
          Command Explanations
        </h2>
        <p>
          <span class="command"><strong>sed -i '/skipping/d'
          util/packer.c</strong></span>: Remove a meaningless warning.
        </p>
        <p>
          <em class=
          "parameter"><code>--with-default-dict=/lib/cracklib/pw_dict</code></em>:
          This parameter forces the installation of the <span class=
          "application">CrackLib</span> dictionary to the <code class=
          "filename">/lib</code> hierarchy.
        </p>
        <p>
          <em class="parameter"><code>--disable-static</code></em>: This
          switch prevents installation of static versions of the libraries.
        </p>
        <p>
          <span class="command"><strong>mv -v /usr/lib/libcrack.so.2*
          /lib</strong></span> and <span class="command"><strong>ln -v -sf
          ../../lib/libcrack.so.2.9.0 ...</strong></span>: These two commands
          move the <code class="filename">libcrack.so.2.9.0</code> library
          and associated symlink from <code class="filename">/usr/lib</code>
          to <code class="filename">/lib</code>, then recreates the
          <code class="filename">/usr/lib/libcrack.so</code> symlink pointing
          to the relocated file.
        </p>
        <p>
          <span class="command"><strong>install -v -m644 -D
          ...</strong></span>: This command creates the <code class=
          "filename">/usr/share/dict</code> directory (if it doesn't already
          exist) and installs the compressed word list there.
        </p>
        <p>
          <span class="command"><strong>ln -v -s cracklib-words
          /usr/share/dict/words</strong></span>: The word list is linked to
          <code class="filename">/usr/share/dict/words</code> as
          historically, <code class="filename">words</code> is the primary
          word list in the <code class="filename">/usr/share/dict</code>
          directory. Omit this command if you already have a <code class=
          "filename">/usr/share/dict/words</code> file installed on your
          system.
        </p>
        <p>
          <span class="command"><strong>echo $(hostname)
          &gt;&gt;...</strong></span>: The value of <span class=
          "command"><strong>hostname</strong></span> is echoed to a file
          called <code class="filename">cracklib-extra-words</code>. This
          extra file is intended to be a site specific list which includes
          easy to guess passwords such as company or department names, user
          names, product names, computer names, domain names, etc.
        </p>
        <p>
          <span class="command"><strong>create-cracklib-dict
          ...</strong></span>: This command creates the <span class=
          "application">CrackLib</span> dictionary from the word lists.
          Modify the command to add any additional word lists you have
          installed.
        </p>
      </div>
      <div class="content" lang="en" xml:lang="en">
        <h2 class="sect2">
          Contents
        </h2>
        <div class="segmentedlist">
          <div class="seglistitem">
            <div class="seg">
              <strong class="segtitle">Installed Programs:</strong>
              <span class="segbody">cracklib-check, cracklib-format,
              cracklib-packer, cracklib-unpacker and
              create-cracklib-dict</span>
            </div>
            <div class="seg">
              <strong class="segtitle">Installed Libraries:</strong>
              <span class="segbody">libcrack.so and the _cracklibmodule.so
              <span class="application">Python</span> module</span>
            </div>
            <div class="seg">
              <strong class="segtitle">Installed Directories:</strong>
              <span class="segbody">/lib/cracklib, /usr/share/dict and
              /usr/share/cracklib</span>
            </div>
          </div>
        </div>
        <div class="variablelist">
          <h3>
            Short Descriptions
          </h3>
          <table border="0" class="variablelist">
            <colgroup>
              <col align="left" valign="top" />
              <col />
            </colgroup>
            <tbody>
              <tr>
                <td>
                  <p>
                    <a id="cracklib-check" name=
                    "cracklib-check"></a><span class="term"><span class=
                    "command"><strong>cracklib-check</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    is used to determine if a password is strong.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="cracklib-format" name=
                    "cracklib-format"></a><span class="term"><span class=
                    "command"><strong>cracklib-format</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    is used to format text files (lowercases all words,
                    removes control characters and sorts the lists).
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="cracklib-packer" name=
                    "cracklib-packer"></a><span class="term"><span class=
                    "command"><strong>cracklib-packer</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    creates a database with words read from standard input.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="cracklib-unpacker" name=
                    "cracklib-unpacker"></a><span class="term"><span class=
                    "command"><strong>cracklib-unpacker</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    displays on standard output the database specified.
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="create-cracklib-dict" name=
                    "create-cracklib-dict"></a><span class=
                    "term"><span class="command"><strong>create-cracklib-dict</strong></span></span>
                  </p>
                </td>
                <td>
                  <p>
                    is used to create the <span class=
                    "application">CrackLib</span> dictionary from the given
                    word list(s).
                  </p>
                </td>
              </tr>
              <tr>
                <td>
                  <p>
                    <a id="libcrack" name="libcrack"></a><span class=
                    "term"><code class="filename">libcrack.so</code></span>
                  </p>
                </td>
                <td>
                  <p>
                    provides a fast dictionary lookup method for strong
                    password enforcement.
                  </p>
                </td>
              </tr>
            </tbody>
          </table>
        </div>
      </div>
      <p class="updated">
        Last updated on 2020-03-24 14:19:44 -0500
      </p>
    </div>
    <div class="navfooter">
      <ul>
        <li class="prev">
          <a accesskey="p" href="make-ca.html" title="make-ca-1.7">Prev</a>
          <p>
            make-ca-1.7
          </p>
        </li>
        <li class="next">
          <a accesskey="n" href="cryptsetup.html" title=
          "cryptsetup-2.3.1">Next</a>
          <p>
            cryptsetup-2.3.1
          </p>
        </li>
        <li class="up">
          <a accesskey="u" href="security.html" title=
          "Chapter&nbsp;4.&nbsp;Security">Up</a>
        </li>
        <li class="home">
          <a accesskey="h" href="../index.html" title=
          "Beyond Linux� From Scratch     (System V Edition) - Version 2020-04-02">
          Home</a>
        </li>
      </ul>
    </div>
  </body>
</html>
